<jsp:root
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:sql="http://java.sun.com/jsp/jstl/sql"
version="2.0" 
>
<jsp:directive.page
	contentType="text/xml; charset=iso-8859-1"
	/>
<jsp:output doctype-root-element="html"
doctype-public="-//W3C//DTD XHTML 1.0 Strict//EN"
doctype-system="http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
omit-xml-declaration="true"
/>
<c:remove var="user" />
<c:if test="${empty param.user}">
  <c:redirect url="login.jsp" >
    <c:param name="errorMsg" 
      value="You must enter a User Name." />
  </c:redirect>
</c:if>

<sql:query var="userInfo" dataSource="jdbc/__PROJECT__SQL">
  SELECT id,name,IF(canWrite="yes","true","false") as "admin" FROM users 
    WHERE name = ? AND SHA1(?)=sha1Password
  <sql:param value="${param.user}" />
  <sql:param value="${param.password}" />
</sql:query>


<c:if test="${userInfo.rowCount != 1}">
  <c:redirect url="login.jsp" >
    <c:param name="errorMsg" 
      value="The User Name or Password you entered is not valid." />
  </c:redirect>
</c:if>

<c:set var="row0" value="${userInfo.rows[0]}" />

<jsp:useBean id="user" scope="session"
  class="fr.cephb.joperon.webapp.User" >
  <c:set target="${user}" property="name"  value="${row0.name}" />
  <c:set target="${user}" property="id"  value="${row0.id}" />
  <c:set target="${user}" property="admin"  value="${row0.admin}" />
</jsp:useBean>
 <c:choose>
	 <c:when test='${not empty param.requesturi}'>
	  <c:redirect url="${param.requesturi}" />
	 </c:when>
	 <c:otherwise>
	  <c:redirect url="index.jsp" />
	 </c:otherwise>
</c:choose>

</jsp:root>